DMZScreen protects your web presence by providing a secure presentation layer with only trusted and legitimate traffic being transferred to and from your network. DMZScreen also allows existing websites to deliver their IPv4 as IPv6 native.
With a secure web application front end, DMZScreen filters and secures traffic before it is passed onto your internal systems. Adding an additional layer of defense, the reverse proxy service is used to protect some of New Zealand's highest profile e-commerce sites and secure applications such as webmail and collaboration software.
The key attributes of DMZScreen include:
- Industry leading security delivered in a totally transparent manner to the user, so any Internet connected device can use the service.
- DMZScreen has the ability to deliver all your current content in an IPv6 compliant manner without the need to invest in any new infrastructure and an expensive network readiness program.
- DMZScreen provides reverse proxy services that implement application level restrictions such as URL filtering to ensure that only the necessary services can be accessed.
- The reverse proxy services provide an additional level of user authentication, including client side certificates, query against a customer or DMZGlobal user database (requires LDAP or RADIUS support).
- HTTPS is used to provide strong encryption of traffic between the client device and the client's network. Encryption is standards based, using 128 bit SSL (Secure Sockets Layer).
- The use of encryption ensures the confidentiality and integrity of the conversation, but it does not protect the client device. DMZGlobal can provide advice on ways of implementing security for client devices as well as End-Point Security Management services.
The key business benefits of DMZScreen include:
Cost and Flexibility
As a managed service DMZScreen, leverages significant economies of scale to deliver an Industry leading solution for a fraction of the price of doing it in-house. The DMZScreen solution is a cost-effective and highly accessible solution for remote access and application delivery.
The key security benefits of this solution are:
- FTP, XML, HTTP & HTTPS protection and protocol validation: Detecting violations of the HTTP protocol.
- Protection against both known and zero day threats and attacks: Detecting common web application security attacks such as: cross-site scripting; buffer over flow attempts; invalid data input; SQL / OS Injection and Cookie poisoning.
- Disclosure prevention: Stops targeted attacks by preventing the disclosure of critical system and business information such as system finger printing and application error codes.
- Automation and Trojan detection: Detecting Trojans, bots, crawlers, scanners and other malicious activity.
- Vulnerability Signatures: Protects against known vulnerabilities in web applications.
- Anti-evasion techniques: Prevents common IDS bypass techniques.
- SSL Decryption: Termination of SSL traffic to facilitate inspection. Connection to client systems can be reencrypted if required.
Compliance and Reporting
- Detailed reports showing web site statistics and mitigated attacks.
- Upon request, detailed logs for forensic purposes.
- Assistance with PCI DSS compliance.
Caching of content, further increasing WAN efficiencies.
With a robust architecture DMZScreen is designed for maximum availability with replicated systems and active load balancing across multiple sites. The integrated nature of the DMZGlobal product suite means system availability can be maximized by combining DMZInternet and DMZDDoS with DMZScreen.
- DMZInternet: Using multiple Points of Presence, carriers and Internet Service Providers, along with industry leading security technology, DMZInternet is New Zealand's most secure and robust Internet service.
- DMZDDoS: New Zealand's first ‘In cloud' DDoS (Distributed Denial of Service ) protection service. With full threat detection, mitigation and surgical removal of attack traffic, protecting your web-facing services (e.g. DNS, HTTP, VoIP, IM & P2P) from DOS and DDoS